certificates
Lenovo makes new critical security mistakes
After the Superfish debacle earlier this year, Lenovo’s security practices have once again been found lacking as researchers have discovered several vulnerabilities in …
Mozilla revokes trust for CNNIC certificates
Mozilla has joined Google in revoking trust for certificates issued by the China Internet Network Information Center (CNNIC) Certificate Authority. CNNIC is the administrative …
Google decides to stop trusting CNNIC certificates
In the wake of last week’s incident caused by the issuance of unauthorized digital certificates for a number of Google domains by the hands of MCS Holdings, an …
How to wipe Superfish adware and offending cert from your Lenovo laptop
After the recent revelation that Lenovo has been shipping some of it laptops with pre-installed adware that’s also breaking the security of secure connections by using …
Gogo in-flight WiFi service serves fliers fake Google certs
Gogo, a noted provider of in-flight broadband Internet service, has been spotted serving a fake Google SSL certificate to fliers trying to access YouTube, effectively …
Flawed reused code opens zero-day in Cyanogenmod
An unnamed security researcher says that Cyanogenmod, the popular Android-based mobile OS, sports a zero-day vulnerability that can be misused to target users with …
HP to revoke certificate that was used to signed malware
HP has announced to its customers that it will soon revoke a specific private digital certificate that they used to sign some software components that ship with some of its …
Critical SSL flaw patched in Firefox, Thunderbird, Chrome
If you are a Mozilla Firefox, Thunderbird or Seamonkey user, you should implement the latest patches issued by the company as soon as possible, as they fix a critical bug …
Interest for SSL and PKI on the rise
The surge in the number of data breaches and recent security bugs such as Heartbleed has generated strong interest in digital certificates and technologies, including SSL and …
Google catches India with fake certificates
As the world becomes more dependent, and some might say blindly so, on digital certificates it’s only natural that attackers will seek to circumvent this trust. Whether …
Researchers find, analyze forged SSL certs in the wild
A group of researchers from Carnegie Mellon University and Facebook has managed to get a concrete sense of just how prevalent SSL man-in-the-middle attacks using forged SSL …
Mozilla offers $10,000 for bugs in its new cert verification library
In the wake of the recent discoveries of the Heartbleed OpenSSL bug and the SSL “gotofail” bug, Mozilla has announced a new and topical bug bounty program: it …